<?php

/**
 * dologin.php
 * @package versionManager
 * @filesource
 */

/*	Close the backdoor	*/
$curPage = strtoupper($_SERVER['PHP_SELF']);
if (isset($curPage) && strpos($curPage, 'INDEX.PHP') === false)
    header('Location:./index.php');


/*	Check if there is a form submitted	*/
if (isset($_POST['username']) && isset($_POST['password'])) {
    $username = mysql_real_escape_string($_POST['username']);
    $password = mysql_real_escape_string($_POST['password']);

    /*	Check if can authenticate	*/
    if ($session->userLogin($username, $password) == true) {
        header('Location:./index.php?action=display');

    } else {
        /*	return error msg	*/
        $error = 'Login Failed';

        /*	load the page header	*/
        require_once (TEMPLATE_PATH . 'header.tpl');

        /*	Load the template	*/
        $templateContent = file_get_contents(TEMPLATE_PATH . 'login.tpl');

        /*	Remove the error container	*/
        $templateContent = str_replace('&&ERRMSG&&', $error, $templateContent);

        /*	Echo the page	*/
        echo $templateContent;


    }

}

?>